Week 34 Cyberattack Digest 2018 – DNC, Sitter app, Facebook and others
Are you ready for this week’s cyber attack digest? If yes, then have a look on our compilation of security incidents of the week 34.
Fake login page may fool voters
by Engadget – 22 August 2018
Two years ago, the Democratic National Committee became a victim of attackers. Since then, the party has been working on its security improvement. Still, the reality shown that this was not enough. Recently, the party has informed the FBI about a possible phishing attempt. According to the officials, the attack aimed at gaining access to the DNC voter database. The cybersecurity firm Lookout spotted that malefactors had managed to create a fake login page looking just like the one by the Democratic National Committee. The page originally serves for logging into a service called Votebuilder. Mike Murray, VP of security intelligence at Lookout, noted that the fake page and the real Votebuilder’s one looked similar and very convincing so that it was almost impossible to tell one from another. Also, it is supposed that the fake page might have been sent to Democrats via email attempting to gather Votebuilder credentials.
Health and beauty giant held for ransom
by Infosecurity Magazine – 22 August 2018
The more famous an organization is, the more attention it attracts, and this principle also touches malefactors. The recent attack on Superdrug big-name retailer demonstrably proves that. The UK health and beauty giant experienced a major breach affecting customer data as attackers were aiming to hold the firm to ransom. Cybercriminals contacted retailer’s representatives last Monday claiming to have accessed records of about 20,000 customers. Immediately after that, the organization started sending emails out to the affected customers. Superdrug confirmed over 300 accounts being compromised, but the company appears is trying to minimize the fall-out. The compromised records included names, addresses, dates of birth and phone numbers as well as points balances. There is no evidence that any financial information has been accessed.
Iranian hackers are back again
by Bleeping Computer – 24 August 2018
Probably, you remember the hype that surrounded a series of attacks performed by Iranian hackers associated with the group “Cobalt Dickens” or “Silent Librarian”. In March 2018, nine hackers that are supposed to be behind the group’s activity were charged by the US JOD with carrying out cyber-attacks against 144 US universities and 176 universities in 21 foreign countries. It is believed that the attackers were “hackers-for-hire or affiliates of the Mabna Institute, an Iran-based company that, since at least 2013, conducted a coordinated campaign of cyber intrusions.” Still, this was not the end of the story as new phishing attacks were carried out by the Cobalt Dickens group not a while ago. Cybersecurity experts at Secureworks say they initially disclosed some URL spoofing a login page for a university. After further investigations, a broader campaign aimed at multiple targets was discovered. “Sixteen domains contained over 300 spoofed websites and login pages for 76 universities located in 14 countries, including Australia, Canada, China, Israel, Japan, Switzerland, Turkey, the United Kingdom, and the United States,” commented the researchers.
Sitter for your babies is not safe
by Latest Hacking News – 24 August 2018
When speaking about data breaches, it is not always a hacker that causes an incident: some of them may occur even accidentally. A popular app for connecting babysitters with parents called Sitter has been involved into an involuntary exposure of records of over 93,000 parents. The incident was caused by a MongoDB database that was left exposed on the Internet with no credentials, which was noticed by an independent security researcher Bob Diachenko. The researcher spotted the database on August 14 and immediately reported the issue to the Sitter developers. The database was secured on the same day of the report. In terms of exposed records, the database contained various types of information, including some sensitive user data, such as encrypted passwords for around 93,000 users, the number of children per family, home addresses, phone numbers, address book contacts, and some payment card numbers.
Facebook banned MyPersonality app
by SC Magazine – 24 August 2018
Still, this was not the only security incident that affected applications last week. Facebook banned MyPersonality app that put under risk data of 4 million users. After the application had gathered data on more than four million people Facebook users, its developers refused to be auditd, so the social media company banned the app in a purge that saw 400 additional apps suspended. “It’s clear that they shared information with researchers as well as companies with only limited protections in place. As a result, we will notify the roughly four million people who chose to share their Facebook information with myPersonality that it may have been misused,” commented Facebook Vice President of Product Partnerships Ime Archibong.
New attacks occur every week: some of them are quite unique and some follow classic scenarios, still the only thing we can say for sure is that it is always essential to care about your security. we hope you do not forget to follow us on Twitter, Facebook, and LinkedIn.